Methods and apparatuses for providing provisioned access control for hosted tailored vertical applications

ABSTRACT

Embodiments of the invention provide methods and apparatuses for determining privileges pertaining to a customer relationship management (CRM) application and granting the privileges in a secure and traceable manner to individual companies and users to effect a differential cost assessment scheme based on resource usage.

FIELD

Embodiments of the invention relate generally to the field of tailored enterprise software applications, and more specifically to methods for providing provisioned access control for hosted tailored vertical software applications.

BACKGROUND

Hosted software applications refer to applications that are stored remotely and accessed over an internet. A hosted application is typically stored on a server of a hosting company and downloaded to a local computer of a customer company when used. Hosted software applications allow a customer company to delegate the responsibilities of maintaining the software application.

One type of software application that may be hosted is a customer relationship management (CRM) application. However, typical CRM applications pose several obstacles to cost-efficient hosting.

A CRM application is an enterprise-wide application that allows companies to manage aspects of customer relationships. A typical CRM application provides a set of business objects (entities) and a set of business processes (processes) that operate on the entities. Entities represent a distinct matter of importance to a business. Entities may include, for example, contacts, accounts, or the relationship between them. Processes operate on and across one or more of the entities and define possible states and transitions of the entities. Processes may include, for example, an account setup process for opening a new account.

Typically, CRM application includes a suite of sales and service functionality referred to as base CRM functionality (base CRM). The base CRM applications can be specialized or tailored to address the needs of a specific industry. Such industry-specific CRM applications are referred to as vertical CRM applications (verticals). Moreover, a base CRM application or a vertical may be tailored to address the needs of the particular customer company using the application. Such highly tailored applications require additional computational or storage resources for the application to manage additional information regarding company-specific entities and processes.

In a conventional, non-hosted, environment, the CRM application is installed at a location specific to the customer company and these additional costs can be attributed to the customer-company.

A customer-specific CRM application may employ components of one or more verticals. For example, a CRM application specifically tailored for a large automotive dealer may include components of an automotive vertical for processing automotive accounts and services as well as components of a financial vertical for managing loans. For such, highly tailored CRM applications, employing components from multiple verticals, difficulties arise in maintaining consistency of shared data across verticals. For example, for a tailored CRM application employing components of an automotive vertical and a financial vertical, vehicles and loans may each be considered products and changes to either entity may affect both.

Again, for non-hosted CRM applications the associated cost of maintaining consistency of shared data is borne by the particular customer company. The tailoring is effected only if the functionality is sufficiently valuable to the particular customer company.

As noted above, hosting CRM applications provides a number of advantages for a customer company. Such advantages are even greater when the hosted CRM application is a highly tailored vertical application. A hosting company that provides highly tailored vertical applications is likely to be of greater interest to potential customer companies than a hosting company that provides only a base CRM functionality.

However, the characteristics of highly tailored verticals discussed above make hosting such applications problematic for the hosting company. Hosting companies rely on economy of scale provided by efficiently sharing resources with multiple customer companies. Highly tailored CRM vertical applications may be customer-specific or at most applicable to a small number of customer companies. Hosting multiple individual highly tailored verticals is incompatible with the economies of scale necessary to make hosting a financially attractive endeavor. That is, currently, to provide a highly tailored vertical to multiple customer companies requires multiple software systems and servers.

Moreover, the inability to differentiate customer companies based upon their respective resource usage in order to provide accurate cost assessment (billing), is an additional problematic area in hosting highly tailored verticals. That is, a practical implementation for hosting highly tailored verticals should allow for differentiated cost assessment proportional to resource usage that is unavailable with current hosting schemes.

SUMMARY

Embodiments of the invention provide methods for providing provisioned access control for hosted tailored vertical software applications. In accordance with one embodiment, a set of privileges is determined. Each privilege pertains to a corresponding operation of a customer relationship management application. The set of privileges is granted to one or more users based on specific criteria. For one embodiment of the invention, privileges that are deemed to require differential cost assessment are made securely grantable and traceable.

Other features and advantages of embodiments of the present invention will be apparent from the accompanying drawings, and from the detailed description, that follows below.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention may be best understood by referring to the following description and accompanying drawings that are used to illustrate embodiments of the invention. In the drawings:

FIG. 1 illustrates a system for implementing a hosted CRM application having a set of universal configuration options for specifying a highly tailored vertical in accordance with one embodiment of the invention;

FIG. 2 illustrates a process in which an overlapping entity conflict is resolve in accordance with one embodiment of the invention;

FIG. 3 depicts a partial subset/superset relationship between corresponding entities of different CRM applications in accordance with one embodiment of the invention;

FIG. 4 illustrates a process for resolving an exclusive entity process in accordance with one embodiment of the invention;

FIG. 5 illustrates a process for resolving process conflicts in accordance with one embodiment of the invention;

FIG. 6 illustrates a process creating a set of universal configuration options that can be combined to tailor a vertical in accordance with one embodiment of the invention;

FIG. 7 illustrates a process for implementing provisioned access control in accordance with one embodiment of the invention; and

FIG. 8 is a block diagram illustrating one embodiment of a digital processing system that may be included within the customer company in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION

Overview

Embodiments of the invention provide a highly tailored vertical while addressing the difficulties of hosting such an application. Embodiments of the invention provide a set of universal configuration options (UCOs). The UCOs can be used to produce a highly tailored vertical through use of operational and runtime tailoring capabilities. For one embodiment of the invention management capabilities for the UCOs are distributed in a manner that allows differential assessment of costs based upon resource usage.

For one embodiment of the invention incompatible business entities and processes from multiple existing verticals are decomposed to provide a set of UCOs. The deep functionality of each vertical CRM remains and is isolated behind corresponding configuration settings.

One embodiment of the invention provides a base CRM application and a set of UCOs that allow each of multiple customer companies to specify a highly tailored vertical by providing a company-specific configuration. For one embodiment of the invention a highly tailored vertical is automatically configured upon receipt of the configuration information from the customer company.

Therefore, in contrast to prior art schemes in which multiple instances of a software system are deployed and each is individually modified to effect particular verticals, embodiments of the invention allow a single hosted software system having a set of UCOs which allow each customer company to specify a highly tailored vertical.

Additionally, or alternatively, embodiments of the invention may provide a system for determining privileges pertaining to a CRM application and granting the privileges in a secure and traceable manner to individual companies and users to effect a differential cost assessment scheme based on resource usage.

In the following description, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known circuits, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

Reference throughout the specification to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearance of the phrases “in one embodiment” or “in an embodiment” in various places throughout the specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.

Moreover, inventive aspects lie in less than all features of a single disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

System

FIG. 1 illustrates a system for implementing a hosted CRM application having a set of UCOs for specifying a highly tailored vertical in accordance with one embodiment of the invention. System 100, shown in FIG. 1 includes a hosting company 105. Hosting company 105 provides a CRM application 110. The CRM application 110 may be run on one or multiple servers not specifically shown. The servers may be a number of individual digital processing systems (DPSs) connected through a communication link such as a local area network (LAN), an intranet, or the like. Moreover, the CRM application may be implemented as a single software program or multiple software programs cooperating with one another.

The CRM application 110 includes a base CRM configuration 111 and a set of UCOs 112. For an alternative embodiment the CRM application does not include a base configuration, but only a set of UCOs 112.

Hosting company 105 is communicatively coupled to one or more customer companies shown for example as customer company 120. In one embodiment of the invention, the CRM application 110 concurrently serves multiple customer companies. The hosting company 105 may be connected to the customer companies through a communication link which may be a network communications or any medium through which different devices may communicate such as the Internet, a wide area network (WAN), a local area network (LAN), an intranet, or the like. Customer company 120 includes a number of DPSs, shown for example as 121 a-121 c, through which users at the customer company 120 may access the CRM application 110 to configure and use a highly tailored vertical. The users at the customer company select one or more UCOs from the set of UCOs 112 to modify the base CRM configuration. The UCOs selected may be based on the specific business needs associated with the particular customer company, the role of the user within the customer company, or the individual user. The CRM application stores identity information 114 regarding the customer companies, the roles within each customer company, and the individual users at each customer company.

For one embodiment of the invention the UCOs used to tailor the vertical may be specified by one of three classes of users: customer service representatives (CSRs), customer company administrators (CCAs) and customer company employees (CCEs).

CSRs are employed by the hosting company and may operate across several customer companies. CSRs place tailoring requests against the CRM application in order to provide provisioned access to the customer companies and their employees based upon the services requested (e.g., purchased) by the customer company.

CCAs are employed by the customer company and may also place tailoring requests against the CRM application to manage employees of the customer company.

CCEs may also place tailoring requests, though such requests are typically limited. CCEs primarily place operational requests against the CRM application to display or transition business entity states. In contrast, CSRs and CCAs typically do not place operational requests.

In accordance with one embodiment of the invention tailoring capabilities are provided to the users at runtime (i.e., during the regular operation of the CRM application). For one embodiment of the invention, data store 115 is used to store identity information and selected UCOs associated with a particular user in a runtime configuration database. A serialized association of granted privileges for each user, as discussed below in reference to provisioned access control, may also be stored in data store 115.

Universal Business Entities and Processes

In accordance with one embodiment of the invention multiple existing business entities and process are decomposed into a set of universal business entities and processes. Decomposition allows existing business entities and processes to be integrated into a UCO set. Decomposition allows two or more incompatible CRM applications such as, for example, a base CRM application and a particular vertical to be essentially combined into a highly tailored vertical that is more amenable to hosting.

Typically, CRM applications include several entities and several processes. Entities are typically databases containing some pertinent data. Processes operate on one or more entities and modify the state of the entities or produce additional entities through the operation.

For example, a base CRM application may include entities such as leads, accounts, and contacts for the accounts, and may include a setup process for a new account that identifies a contact for the account. In contrast, a vertical, for example a medical education vertical may include entities such as hospitals and doctors. The hospital entity may specialize an account; thus, setting up a hospital sets up an account with additional information. That is, the entities may differ and substantially similar entities may have differing attributes. For example, for a medical education vertical each contact may include the attribute accreditations whereas in a base CRM application such an attribute, which is not typically required, would not be included.

Therefore a process that defines a contact in a medical education vertical would require different or additional information than a corresponding process of a base CRM application or a different vertical.

In general, an entity of one CRM application cannot be processed in the same manner as a substantially corresponding entity of a base CRM application or a different vertical.

For example, a base CRM application typically has functionality that is account-centric. The account may include shipping and billing addresses as well as a primary contact. The business efforts are focused toward the primary contact for the account. If an account is terminated, it is likely that the associated contacts are removed along with the account. Account and primary contact are highly related entities and are considered to be tightly bound. A medical education vertical functionality however, is contact-centric. The primary contact for an account, which is a hospital, may be the hospital administrator, but his may not be the person, or the only person, toward whom the business efforts are focused. Business efforts will be focused toward healthcare personnel at the hospital.

The two applications are incompatible and can't be used in conjunction without risking producing incompatible data or losing data. For example, if the entity hospital is processed in the same manner as an account of a base CRM application, valuable contact information may be discarded if the account is terminated.

To address these conflicts in the entities and processes of incompatible CRM applications, an embodiment of the invention creates universal business entities and processes by decomposing the various entities and processes. Configuration is then used to specify the relationship between two or more entities. For example, the entity, hospital, of a medical education vertical is decomposed into that portion that pertains to an account generally, and the remaining portion pertaining specifically to a hospital. Hospital is viewed as a type of account, and that type is divided from the entity such that it can be processed independently. Similarly, the entity doctor is decomposed into general contact information and additional information pertaining to a doctor. Configuration is then used to determine the relationship between the entities (e.g., tightly or loosely bound), and also to specify whether a particular customer company will use these entities.

Entity Conflicts

Embodiments of the invention resolve two types of entity conflict; an overlapping entity conflict and an exclusive entity conflict.

An overlapping entity conflict occurs where an entity of one CRM application is a superset or partial superset of an entity of one or more other CRM applications. FIG. 2 illustrates a process in which an overlapping entity conflict is resolve in accordance with one embodiment of the invention. Process 200 begins at operation 205 in which an entity of one CRM application is identified as overlapping a corresponding entity of one or more other CRM applications. For example, as discussed above, a hospital entity of a medical education vertical may be a superset of an account entity of a base CRM application, because the hospital entity includes all of the information of the account entity as well as additional information. For example, the hospital entity may reference entities such as doctors and nurses, and may specify particular roles within the hospital for these personnel such as specifying that a doctor is a surgeon or that a nurse is a member of the emergency receiving staff. In contrast, an account entity for a typical customer company may simply have employees with a corresponding title.

At operation 210 the entities are identified as superset and subset entities. In general the entities need not have a strict subset/superset relationship, but only a partial such relationship.

FIG. 3 depicts a partial subset/superset relationship between corresponding entities of different CRM applications in accordance with one embodiment of the invention. As shown in FIG. 3, circular area 305 represents an entity of a first CRM application and circular area 310 represents a corresponding entity of a second CRM application. Shaded area 315 represents common information of the two entities. Crescent area 306 represents non-common information (i.e., extension information of the first entity beyond the common information and crescent area 311 represents the extension information of the second entity beyond the common information. For purposes of this description, the entity having the greater extension information will be described as the superset entity and the entity having the lesser extension information will be described as the subset entity.

Referring again to FIG. 2, at operation 215 a serialization of the subset entity is developed and used for the subset entity. The subset entity is analyzed and the base attributes (entities and processes) are determined for the entity. The base attributes represent that portion of the entity that is common to the superset entity and moreover, is generally universal to all such entities (e.g., to corresponding entities of different CRM applications). This universal portion is extracted to create a central record (e.g., a database record) comprised of the base attributes.

At operation 220 a serialization of the non-common attributes of the superset entity is developed. This serialization will contain a reference to the serialization of the subset entity and is referred to as a referring serialization. For one embodiment of the invention, the referring serialization is implemented as an extension record of a database record containing the serialization of the subset entity. The superset entity may be implemented as two tables within the database. The first table contains all of the data specific to the subset entity. For example if the subset entity is account, the first table may contain a shipping address, a billing address, a primary account, and other entities and processes generally pertaining to such entities.

The second table contains all of the additional data specific to the superset entity. For example, if the superset entity is a hospital, the second table contains hospital-specific entities and processes such as the hospital amenities (e.g., emergency room, 24-hour nursing, etc.), which could not be effectively implemented in a database record for an account. The second table also contains a reference (ID) that refers to the first table and creates a direct relationship to the first table, so that if the superset entity (e.g., hospital) is accessed, the subset entity (e.g., account) information is referenced as well.

At operation 225 the business processes are reworked in order to manage the subset entity as a sub-process of managing the superset entity. The subset entity may have associated processes that are not shared by the superset entity. For example, in setting up a hospital a core of account data is used, but processes applicable to accounts may not be the same. As described above, a base CRM application may consider accounts and contacts as highly related entities and include code that maintains this tight binding. Therefore a billing address change process effected for the account may include changing the address of every contact associated with the account. Such a process is not central to an account, but may be beneficial to a particular customer company. Such a customer company may desire a CRM application that includes the additional billing logic to propagate a change in account billing address to each contact associated with the account. Therefore, the process (e.g., change billing address process) has to be reworked so that there is an optional portion that can be activated if desired. In general the processes are reworked in any instance where the processes applicable to the superset entity are not the same as corresponding processes.

An additional type of entity conflict resolved by one embodiment of the invention is an exclusive entity conflict. An exclusive entity conflict occurs where two entities interpret the same serialization in different ways. That is each of two CRM applications may have the same specific information, but treat that information in a different manner. For one CRM application the information may have an industry-specific meaning not applicable to the other. For example, the entity account may have the attribute “classification”. For a base CRM application the attribute “classification” of an account may have a general meaning that may be specific to particular customer companies. However for verticals that implement accounts in a specific way, the attribute “classification” may have a strictly interpreted industry-specific meaning. For example, as applied to the entity “hospital”, the attribute “classification” may indicate the services available at the hospital.

FIG. 4 illustrates a process for resolving an exclusive entity conflict in accordance with one embodiment of the invention. Process 400, shown in FIG. 4, begins at operation 405 in which an exclusive entity conflict is identified. Exclusive entity conflicts are identified where two entities using the same underlying database row and column derive different meanings from the data.

At operation 410, the non-conflicting common attributes of each entity are separated from the conflicting attributes. For one embodiment of the invention, a third entity is created to contain the non-conflicting attributes. For such an embodiment, the result is three serializations: one core serialization containing the common non-conflicting attributes, and a separate serialization for each CRM application containing the conflicting attributes. So for example, the three serializations may be a core account serialization containing common attributes of an account, a serialization for hospital classifications (for a medical vertical) and a serialization for account classifications (for a base CRM application).

At operation 415 the conflict between the two separate attribute serializations is resolved separately. Because the conflict between the two separate attribute serializations amounts to an overlapping entity conflict, it can be resolved as discussed above in reference to process 200 of FIG. 2 for one embodiment of the invention.

Process Conflicts

Upon resolution of entity conflicts, conflicts between processes are resolved. Determination of process conflicts can be accomplished in various ways and is typically dependent upon analysis of the state of the entity involved in the process. Process conflicts may be additive process conflicts in which two disconnected processes operate on disjoint attribute sets of an entity. Process conflicts may also be absolute process conflicts in which two disconnected processes operate on partially disjoint attribute sets of an entity.

FIG. 5 illustrates a process for resolving process conflicts in accordance with one embodiment of the invention. Process 500, shown in FIG. 5 begins at operation 505 in which a process conflict is analyzed to determine if it is an additive process conflict or an absolute process conflict.

Upon determination that the process conflict is an additive process conflict, the two processes are chained at operation 510. This allows each of the disconnected processes to be optionally implemented during configuration. Since the processes are disconnected, the order in which the processes are chained is irrelevant. For example, consider a billing address change process for an account that includes changing an account billing address as well as the process of correspondingly changing the billing address of any associated contacts. Such a process may be very desirable for some customer companies but not for others. By chaining the disconnected processes, the option of changing the billing address for an account is provided with the further option of having the change in billing address propagated to the associated contacts for the account. Thus greater configuration flexibility is provided over prior art schemes in which a single integrated specialized process option was provided.

Upon determination that the process conflict is an absolute process conflict, the process conflict resolution continues at operation 515-535 as described below.

Resolution of an absolute process conflict begins at operation 515 in which the attributes and sub-processes of each of the conflicting processes that pertain to the conflict are identified. For example, the logic implementing lead-conversion for a CRM application with account-centric functionality, is different than for a CRM application with contact-centric functionality.

At operation 520 a set of options is defined for each rational order of resolution for a given business process. For example, in resolving an account-centric versus contact-centric process conflict, the conflict presented is whether it is account information or contact information that is required to effect a lead-conversion. The set of options defined may be account information required, contact information required, or no requirement (e.g., don't care).

At operation 525 the option set is provided at the appropriate levels for the users affected by the conflict. The option set may be universal, or within a tighter scope. That is, depending upon the business case, it may be appropriate to provide the options at the company level or for certain roles within the company. For example, personnel within an accounting division may convert leads to accounts while personnel within a training division of the same customer company may convert leads to contacts.

At operation 530 the option set is used to resolve the overlapping attributes. The option selected determines the values for the data that is created (i.e., the data required). For example, if entering a billing address is part of an account creation process, then a billing address will be required when an account is saved.

At operation 535 any remaining disjoint attributes are identified and are resolved as additive process conflicts through repetition of operation 510 as discussed above.

Generating Universal Configuration Options

Resolution of the identified entity and process conflicts creates option sets that may be included in a set of UCOs. The set of UCOs is a set of option that can be selected on a per-company or per-user basis to automatically create a highly tailored deep vertical. Though the option settings are universal so that the system can understand them and maintain data integrity, they are presented differently to individual users.

FIG. 6 illustrates a process creating a set of UCOs that can be combined to tailor a vertical in accordance with one embodiment of the invention. Process 600, shown in FIG. 6 begins at operation 605 in which each configuration option value is assigned a unique system identifier. This provides the system software the ability to distinguish the options.

At operation 610 a master set is created using the unique system identifiers assigned to each option from all initial sets.

At operation 615 the system identifiers of the master set are normalized so that multiple separate values identifying indistinguishable business entities and processes will be assigned to a common system identifier in the master set. For example, a medical vertical may include the entity medical factory, however for purposes of effecting business processes, the entity medical factory may be indistinguishable from the entity factory. In such cases the two entity values are assigned the same system identifier.

At operation 620 entity states are expressed in terms of their assigned system identifiers instead of the values. This includes references to entity states in business processing. For one embodiment of the invention, the system reliably creates universal system identifiers and forces their existence into one or more CRM applications (e.g., a base CRM application).

Provisioned Access Control

The ability to individually select options to tailor a vertical also provides the basis for differential cost assessment based on resource usage. Embodiments of the invention use provisioned access control to allow cost assessment based on granted privileges. Privileges are identifiable rights within a CRM application (e.g., a vertical). Privileges can include basic operations such as updating or deleting a lead or contact or more sophisticated operations such as changing ownership of assets. The set of privileges pertaining to a vertical are based upon the features of the vertical and are dependent upon the configuration options selected.

FIG. 7 illustrates a process for implementing provisioned access control in accordance with one embodiment of the invention. Process 700, shown in FIG. 7, begins at operation 705 in which privileges are associated with a corresponding grant privilege. For one embodiment of the invention, those features of a vertical that are amenable to differential cost assessment are associated with privileges that are securely grantable and traceable.

For one embodiment of the invention the privileges are made securely grantable by implementing for each privilege a corresponding grant privilege that controls the ability to grant a privilege. This property may be applied recursively (i.e., implementing a grant privilege for the grant privilege). Additionally, the ability to grant privileges may be restricted based on the class of the user. For example, the ability of CCEs to grant and revoke privileges may be restricted to within the customer company while CSRs are given the ability to grant and revoke privileges across customer companies. For one embodiment of the invention the privileges are made traceable by implementing an internal reporting system that can query the privilege. The internal reporting system also understands the employee, role and company structure of the runtime configuration data store.

At operation 710 the CSRs are given the ability to grant and revoke all securely grantable privileges upon deployment. This ability applies across customer companies. In some instances the CSRs are not granted the privilege themselves, but only the ability to grant the privilege.

At operation 715, upon purchase of a billable service by a customer company, a CSR grants any grantable privileges related to the purchased billable service to one or more CCAs of the customer company. The CRS may also grant the CCAs the ability to grant the related privileges.

At operation 720, privileges related to billable services that can be provisioned to CCEs are granted to the appropriate CCEs. The grant of such privileges to the CCEs may be from the CCAs or from the CSR, directly.

The granted privileges are associated with the particular user and this association is serialized and stored. For one embodiment of the invention that implements a database-based runtime configuration data store, the serialized association of user and privileges is contained in a database table.

Using the provisioned access control method described above, the traceable history of the privilege (both grant and revocation) can be used to effect a differential cost assessment scheme based on the services provided. The customer company may be assessed costs based upon the number and type of privileges granted including the number of CCAs and CCEs granted privileges. Additionally, or alternatively, customer company may be assessed costs based upon the usage of each privilege.

In accordance with one embodiment of the invention the implementation of provisioned access control complements the vertical tailoring effected through the selection of UCOs. The features of the vertical are associated with a privilege that may be granted as discussed above. From the hosting company perspective, all of the options and associated privileges can be made available on one system (e.g., using the same hardware), and can be differentially billed through provisioned access control. The customer company selects options tailored to the needs of the customer company as determined by a CSR or a CCA. For each optional feature selected (e.g., purchased by the customer company), the CSR grants the associated privilege to the CCA as well as the ability to grant the privilege. The CCA then further tailors the vertical for individual CCEs by granting the privileges associated with vertical features to CCEs based on their individual needs and responsibilities.

General Matters

Embodiments of the invention provide methods and apparatuses for providing a highly tailored vertical. In accordance with various embodiment of the invention entities and processes from any number of verticals may be added to the set of UCOs thus providing a deep tailored vertical combining functionality from each vertical CRM as desired. The tailored verticals are not limited and can behave as deeply as required. Since tailoring has been separated from the business logic core, conflicts between additional and existing entities and processes are reduced.

In accordance with one embodiment of the invention highly tailored verticals are provided by a hosting company within the context of a viable business model that is differentially billable and cost efficient. Additional framework is not based upon the number of customer companies, but on the number of users and amount of usage. Moreover, the hosted highly tailored verticals maintain a low footprint in that additional machines are not required because operations are dynamically hosted at runtime using an integrated runtime framework.

Provisioned access control allows each customer to be assessed costs based upon the extent of services provided and usage amount. For alternative embodiments of the invention, provisioned access control is implemented exclusive of UCOs for tailoring verticals.

Although described in terms of particular options and industries, it will be apparent that embodiments of the invention have applicability to a wide range of verticals and options regarding their associated entities and processes.

For example, embodiments of the invention provide the ability to create highly tailored verticals for such industries as aerospace, automotive, communications, finance, insurance, manufacturing, retail, energy, healthcare, transportation, hotel, among others.

Further, embodiments of the invention may be implemented using a variety of software. For example, the serialization of the subset entity and the superset entity are described above in reference to FIG. 2, as database records. For alternative embodiments of the invention in which an object oriented programming (OOP) language is employed, the referring serialization may be implemented as an OOP language object and a pointer that references another OOP language object implementing the serialization of the subset entity.

As described above in reference to FIG. 1, the customer company may have one or more DPSs. FIG. 8 is a block diagram illustrating one embodiment of a DPS 801 that may be included within the customer company in accordance with an embodiment of the present invention. For alternative embodiments of the present invention, DPS 801 may be a computer that includes a processor 803 coupled to a bus 807. In one embodiment, memory 805, storage 811, display controller 809, communications interface 813, input/output controller 815 and audio controller 827 are also coupled to bus 807.

DPS 801 interfaces to external systems through communications interface 813.Communications interface 813 may include a radio transceiver compatible with wireless telephone signals or other interfaces for coupling a device to other devices. In one embodiment of the present invention, carrier wave signal 825 is received/transmitted between communications interface 813 and network 850. In one embodiment of the present invention, a communications signal 825 may be used to interface DPS 801 with another computer system, a network hub, router or the like. In one embodiment of the present invention, carrier wave signal 825 is considered to be machine readable media, which may be transmitted through wires, cables, optical fibers or through the atmosphere, or the like.

In one embodiment of the present invention, processor 803 may be a conventional microprocessor, such as for example but not limited to an Intel x86 or Pentium family microprocessor, a Motorola family microprocessor, or the like. Memory 805 may be a machine-readable medium such as dynamic random access memory (DRAM) and may include static random access memory (SRAM). Display controller 809 controls in a conventional manner a display 819, which in one embodiment of the invention may be a cathode ray tube (CRT), a liquid crystal display (LCD), an active matrix display, a television monitor or the like. The input/output device 817 coupled to input/output controller 815 may be a keyboard, disk drive, printer, scanner and other input and output devices (e.g., a mouse). In one embodiment of the present invention, audio controller 827 controls in a conventional manner audio output 831 and audio input 829.

Storage 811 may include machine-readable media such as for example but not limited to a magnetic hard disk, a floppy disk, an optical disk, a smart card or another form of storage for data. In one embodiment of the present invention, storage 811 may include removable media, read-only media, readable/writable media or the like. Some of the data may be written by a direct memory access process into memory 805 during execution of software in computer system 801. It is appreciated that software may reside in storage 811, memory 805 or may be transmitted or received via modem or communications interface 813. For the purposes of the specification, the term “machine readable medium” shall be taken to include any medium that is capable of storing data, information or encoding a sequence of instructions for execution by processor 803 to cause processor 803 to perform the methodologies of the present invention. The term “machine readable medium” shall be taken to include, but is not limited to solid-state memories, optical and magnetic disks, carrier wave signals, and the like.

While the invention has been described in terms of several embodiments, those skilled in the art will recognize that the invention is not limited to the embodiments described, but can be practiced with modification and alteration within the spirit and scope of the appended claims. The description is thus to be regarded as illustrative instead of limiting. 

What is claimed is:
 1. A method, comprising: decomposing a first set of business entities and processes (BEPs) and a second set of BEPs into a universal set of BEPs, by a computer system, wherein the first set of BEPs is associated with a first CRM (customer relationship management) application, the second set of BEPs is associated with a second CRM application, the first CRM application and the second CRM application are incompatible with one another, and the decomposing comprises performing, by the computer system, all of the following steps: resolving process conflicts between the first set of BEPs and the second set of BEPs, wherein the resolving comprises  identifying a plurality of possible resolutions for a corresponding process conflict of the process conflicts, wherein the corresponding process conflict involves at least a first process of the first set of BEPs and a second process of the second set of BEPs, the plurality of possible resolutions comprises at least one of  a first resolution, according to which the first process is implemented,  a second resolution, according to which the second process is implemented, and  a third resolution, according to which both the first process and the second process are implemented, and  defining option sets, wherein each of the option sets is defined for each of the possible resolutions, and each option indicates optional implementation of a process that pertains to the corresponding process conflict.
 2. The method of claim 1, further comprising: defining a plurality of universal configuration options (UCOs), wherein each UCO identifies one or more business entities and processes of the universal set of BEPs, selection of each UCO configures a tailored CRM application, and ones of the option sets are included in the plurality of UCOs; and associating a set of privileges with the plurality of UCOs, wherein each UCO of the plurality of UCOs is associated with at least one of the set of privileges, and each of the set of privileges identifies a right to access an operation within the tailored CRM application.
 3. The method of claim 2, further comprising: receiving a selection of one or more UCOs, wherein the one or more UCOs identify one or more business entities and processes of the universal set of BEPs used to configure the tailored CRM application, and the one or more UCOs specify a company-specific configuration of the tailored CRM application; and identifying one or more privileges of the set of privileges that are associated with the one or more UCOs, wherein the one or more privileges are associated with the tailored CRM application according to the selection, and the one or more privileges identify one or more rights to access one or more operations within the tailored CRM application.
 4. The method of claim 3, further comprising: granting the one or more privileges to one or more users of a customer company; determining whether at least one of the one or more privileges requires differential cost assessment; and assessing costs based on the one or more privileges, in response to a determination that the at least one of the one or more privileges requires differential cost assessment.
 5. The method of claim 4, wherein the differential cost assessment is based on at least one of usage of the one or more privileges, a number of users granted the one or more privileges, a type of the one or more privileges, and a number of privileges granted; and the at least one of the one or more privileges determined to require differential cost assessment is securely grantable and traceable.
 6. The method of claim 4, wherein the granting the one or more privileges comprises: selectively granting the one or more privileges to the one or more users, based on specific criteria, wherein the one or more users comprises at least one of an administrator of the customer company, and an employee of the customer company, and the specific criteria comprises at least one of a purchase of one or more of the set of privileges by the customer company, and a role of the employee within the customer company.
 7. The method of claim 2, further comprising: associating the set of privileges with a set of grant privileges; granting the set of grant privileges to a corresponding user, wherein the granting creates an association between the set of grant privileges and the corresponding user, and the association grants the corresponding user an ability to grant the set of privileges to one or more users; and storing the association in a privilege database.
 8. The method of claim 7, wherein the granting the set of grant privileges comprises selectively granting one or more of the set of grant privileges to the corresponding user, and the corresponding user comprises one of a customer service representative serving a customer company, and an administrator of the customer company.
 9. The method of claim 1, wherein the decomposing further comprises: resolving entity conflicts, wherein the resolving the entity conflicts comprises: identifying an entity conflict between a first business entity of the first set of BEPs and a second business entity of the second set of BEPs, wherein the first business entity and the second business entity share a set of common attributes; serializing the set of common attributes into a first table; and serializing non-common attributes into a second table, wherein the non-common attributes are not shared by the first business entity and the second business entity, the first business entity and the second business entity comprise different portions of the non-common attributes, and the second table has a direct relationship with the first table.
 10. The method of claim 9, wherein the serializing the set of common attributes comprises extracting the set of common attributes from the first business entity, and storing the set of common attributes in the first table; and the serializing the non-common attributes comprises extracting the non-common attributes from the first business entity and the second business entity, and storing the non-common attributes in the second table.
 11. The method of claim 9, wherein the resolving the entity conflicts further comprises: reworking a process applicable to the first business entity into a sub-process of the second business entity, wherein the sub-process is applicable to both the first business entity and the second business entity.
 12. The method of claim 9, wherein the entity conflicts comprise at least one of an overlapping entity conflict, wherein a first set of attributes of a first entity of the first set of BEPs overlap a second set of attributes of a second entity of the second set of BEPs, and an exclusive entity conflict, wherein the first set of attributes and the second set of attributes contain same data, the same data of the first set of attributes is interpreted according to a first industry-specific meaning of the first CRM application, the same data of the second set of attributes is interpreted according to a second industry-specific meaning of the second CRM application, and the second industry-specific meaning is inapplicable to the first CRM application.
 13. The method of claim 1, wherein the process conflicts comprise at least one of an additive process conflict, wherein the first process and the second process operate on disjoint attribute sets of an entity of the first set of BEPs, and an absolute process conflict, wherein the first process and the second process operate on partially disjoint attribute sets of the entity of the first set of BEPs.
 14. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions, executable on a computer system, comprising: a first set of instructions configured to decompose a first set of business entities and processes (BEPs) and a second set of BEPs into a universal set of BEPs, by a computer system, wherein the first set of BEPs is associated with a first CRM (customer relationship management) application, the second set of BEPs is associated with a second CRM application, the first CRM application and the second CRM application are incompatible with one another, and the first set of instructions comprises a first subset of instructions configured to resolve process conflicts between the first set of BEPs and the second set of BEPs, wherein the first subset of instructions is further configured to  identify a plurality of possible resolutions for a corresponding process conflict of the process conflicts, wherein the corresponding process conflict involves at least a first process of the first set of BEPs and a second process of the second set of BEPs, the plurality of possible resolutions comprises at least one of  a first resolution, according to which the first process is implemented,  a second resolution, according to which the second process is implemented, and  a third resolution, according to which both the first process and the second process are implemented, and  define option sets, wherein each of the option sets is defined for each of the possible resolutions, and each option indicates optional implementation of a process that pertains to the corresponding process conflict.
 15. The non-transitory computer-readable storage medium of claim 14, wherein the plurality of instructions further comprises: a second set of instructions configured to define a plurality of universal configuration options (UCOs), wherein each UCO identifies one or more business entities and processes of the universal set of BEPs, selection of each UCO configures a tailored CRM application, and ones of the option sets are included in the plurality of UCOs; and a third set of instructions configured to associate a set of privileges with the plurality of UCOs, wherein each UCO of the plurality of UCOs is associated with at least one of the set of privileges, and each of the set of privileges identifies a right to access an operation within the tailored CRM application.
 16. The non-transitory computer-readable storage medium of claim 15, wherein the plurality of instructions further comprises: a fourth set of instructions configured to receive a selection of one or more UCOs, wherein the one or more UCOs identify one or more business entities and processes of the universal set of BEPs used to configure the tailored CRM application, and the one or more UCOs specify a company-specific configuration of the tailored CRM application; and a fifth set of instructions configured to identify one or more privileges of the set of privileges that are associated with the one or more UCOs, wherein the one or more privileges are associated with the tailored CRM application according to the selection, and the one or more privileges identify one or more rights to access one or more operations within the tailored CRM application.
 17. The non-transitory computer-readable storage medium of claim 16, wherein the plurality of instructions further comprises: a sixth set of instructions configured to grant the one or more privileges to one or more users of a customer company; a seventh set of instructions configured to determine whether at least one of the one or more privileges requires differential cost assessment; and an eighth set of instructions configured to assess costs based on the one or more privileges, in response to a determination that the at least one of the one or more privileges requires differential cost assessment.
 18. The non-transitory computer-readable storage medium of claim 17, wherein the differential cost assessment is based on at least one of usage of the one or more privileges, a number of users granted the one or more privileges, a type of the one or more privileges, and a number of privileges granted; and the at least one of the one or more privileges determined to require differential cost assessment is securely grantable and traceable.
 19. The non-transitory computer-readable storage medium of claim 17, wherein the sixth set of instructions is further configured to selectively grant the one or more privileges to the one or more users, based on specific criteria, wherein the one or more users comprises at least one of an administrator of the customer company, and an employee of the customer company, and the specific criteria comprises at least one of a purchase of one or more of the set of privileges by the customer company, and a role of the employee within the customer company.
 20. The non-transitory computer-readable storage medium of claim 15, wherein the plurality of instructions further comprises: a fourth set of instructions configured to associate the set of privileges with a set of grant privileges; a fifth set of instructions configured to grant the set of grant privileges to a corresponding user, wherein the granting creates an association between the set of grant privileges and the corresponding user, and the association grants the corresponding user an ability to grant the set of privileges to one or more users; and a sixth set of instructions configured to store the association in a privilege database.
 21. The non-transitory computer-readable storage medium of claim 20, wherein the fifth set of instructions is further configured to selectively grant one or more of the set of grant privileges to the corresponding user, and the corresponding user comprises one of a customer service representative serving a customer company, and an administrator of the customer company.
 22. The non-transitory computer-readable storage medium of claim 14, wherein the first set of instructions further comprises: a second subset of instructions configured to resolve entity conflicts, wherein the second subset of instructions is further configured to identify an entity conflict between a first business entity of the first set of BEPs and a second business entity of the second set of BEPs, wherein the first business entity and the second business entity share a set of common attributes; serialize the set of common attributes into a first table; and serialize non-common attributes into a second table, wherein the non-common attributes are not shared by the first business entity and the second business entity, the first business entity and the second business entity comprise different portions of the non-common attributes, and the second table has a direct relationship with the first table.
 23. A hosting system, comprising: a data store configured to store a universal set of business entities and processes (BEPs); and a processing system communicatively coupled to the data store, the processing system configured to decompose a first set of BEPs and a second set of BEPs into the universal set of BEPs, by a computer system, wherein the first set of BEPs is associated with a first CRM (customer relationship management) application, the second set of BEPs is associated with a second CRM application, the first CRM application and the second CRM application are incompatible with one another, and the processing system is further configured to resolve process conflicts between the first set of BEPs and the second set of BEPs, wherein the processing system is further configured to  identify a plurality of possible resolutions for a corresponding process conflict of the process conflicts, wherein the corresponding process conflict involves at least a first process of the first set of BEPs and a second process of the second set of BEPs, the plurality of possible resolutions comprises at least one of  a first resolution, according to which the first process is implemented,  a second resolution, according to which the second process is implemented, and  a third resolution, according to which both the first process and the second process are implemented, and  define option sets, wherein each of the option sets is defined for each of the possible resolutions, and each option indicates optional implementation of a process that pertains to the corresponding process conflict.
 24. The hosting system of claim 23, wherein the processing system is further configured to: define a plurality of universal configuration options (UCOs), wherein each UCO identifies one or more business entities and processes of the universal set of BEPs, selection of each UCO configures a tailored CRM application, and ones of the option sets are included in the plurality of UCOs; and associate a set of privileges with the plurality of UCOs, wherein each UCO of the plurality of UCOs is associated with at least one of the set of privileges, and each of the set of privileges identifies a right to access an operation within the tailored CRM application.
 25. The hosting system of claim 24, further comprising: a communication link communicatively coupled between the processing system and a remote user, the communication link configured to communicate the plurality of UCOs to the remote user, and receive one or more selections of the plurality of UCOs from the remote user; and wherein the processing system is further configured to receive a selection of one or more UCOs, wherein the one or more UCOs identify one or more business entities and processes of the universal set of BEPs used to configure the tailored CRM application, and the one or more UCOs specify a company-specific configuration of the tailored CRM application, and identify one or more privileges of the set of privileges that are associated with the one or more UCOs, wherein the one or more privileges are associated with the tailored CRM application according to the selection, and the one or more privileges identify one or more rights to access one or more operations within the tailored CRM application.
 26. The hosting system of claim 25, wherein the processing system is further configured to: grant the one or more privileges to one or more users of a customer company; determine whether at least one of the one or more privileges requires differential cost assessment; and assess costs based on the one or more privileges, in response to a determination that the at least one of the one or more privileges requires differential cost assessment, wherein the differential cost assessment is based on at least one of usage of the one or more privileges, a number of users granted the one or more privileges, a type of the one or more privileges, and a number of privileges granted, and the at least one of the one or more privileges determined to require differential cost assessment is securely grantable and traceable.
 27. The hosting system of claim 24, wherein the processing system is further configured to: associate the set of privileges with a set of grant privileges; grant the set of grant privileges to a corresponding user, wherein the granting creates an association between the set of grant privileges and the corresponding user, and the association grants the corresponding user an ability to grant the set of privileges to one or more users; and store the association in a privilege database.
 28. The hosting system of claim 27, wherein the processing system is further configured to selectively grant one or more of the set of grant privileges to the corresponding user, and the corresponding user comprises one of a customer service representative serving a customer company, and an administrator of the customer company.
 29. The hosting system of claim 26, wherein the processing system is further configured to: selectively grant the one or more privileges to the one or more users, based on specific criteria, wherein the one or more users comprises at least one of an administrator of the customer company, and an employee of the customer company, and the specific criteria comprises at least one of a purchase of one or more of the set of privileges by the customer company, and a role of the employee within the customer company.
 30. The hosting system of claim 23, wherein the processing system is further configured to: resolve entity conflicts, wherein the processing system is further configured to identify an entity conflict between a first business entity of the first set of BEPs and a second business entity of the second set of BEPs, wherein the first business entity and the second business entity share a set of common attributes; serialize the set of common attributes into a first table; and serialize non-common attributes into a second table, wherein the non-common attributes are not shared by the first business entity and the second business entity, the first business entity and the second business entity comprise different portions of the non-common attributes, and the second table has a direct relationship with the first table. 